﻿using System.Web;
using System.Web.Security;
using ExcellentCRM.DataService;
using ExcellentCRM.DataService.Models;
using ExcellentCRM.Site.Utilities;

namespace ExcellentCRM.Site.Authorize
{
    public sealed class WebSecurity
    {
        public static bool Login(string userName, string password, bool persistCookie = false)
        {
            var sf = new ServiceFactory();
            var acct = sf.AcctService.GetModel(userName, password);
            if (acct != null)
            {
                FormsAuthentication.SetAuthCookie(userName, persistCookie);
                HttpContext.Current.Session[PresetValues.SessionKeys.CurrentAcctId] = acct.Id;
                return true;
            }
            return false;
        }

        public static void Logout()
        {
            FormsAuthentication.SignOut();
        }

        public static void CreateUserAndAccount(string userName, string password)
        {
            var sf = new ServiceFactory();
            sf.AcctService.Save(new Account {AcctName = userName, AcctPass = password});
        }

        public static bool ChangePassword(string name, string oldPassword, string newPassword)
        {
            throw new System.NotImplementedException();
        }

        public static void CreateAccount(string userName, string newPassword)
        {
            throw new System.NotImplementedException();
        }
    }
}